Ryan Prior wrote:
> You seem to imply that there is a technical infeasibility that cannot be
> overcome. If the public point database were segregated by a UNIX-style
> permissions system and connected to via SSH, wouldn't it be just about
> as safe as any public file server or database? Files that are "shared"
> can be accessed, files that are private stay private. A server-side
> daemon could negotiate friends lists, proximity, and other details
> without ever exposing private position data publicly.
>> Am I missing something on the privacy front? Perhaps I just didn't grok
> your example.
I think so.
I was simply meaning that a simple static database exporting only the
position dumbly does not suit.
Os course SSH gives you access to the server securely.
You want something much more fine-grained than simply 'access, no access'.
Alice is my wife, I'm quite happy for her to have realtime tracking 24*7.
Bob is my brother, that gets really drunk on saturday night, I don't
want him able to track me from Sat 6PM-Sun 12AM.
Charlie is my employer, they get to track me while I'm at work.
Dave is someone in the group 'internet friends', who can get a position
to within 50Km at any time, so we might arrange a meeting. I do _not_
want him turning up on my doorstep unannounced.
I don't know Edwin, who has set his public tags to "Neo1973
Snowboarding" and if I get within 500m of him, I want my phone to bleep,
as these are my interests too. I should not be able to know anything
about him until he gets within 500m - I may not even get a position for
him, just contact details.
Fred has come into bluetooth range, and has interests that I share, so
again I want the phone to beep or something, maybe swap musical tracks,
do least-cost routing over his GPRS if he's got a better contract than
me (with payment).
Georgina matches my 'dating' profile, and has come within 100m. We may
have our phones setup to share pictures and a brief bio.
This is all quite fine-grained, with many different classes of user.
It needs more than a simple database of everyones location.
Then there is the reputation, and avoiding fake users that are simply
setup to repeatedly wander round populous areas gathering all the
information they can.